Vulnerability identifier: #VU85298
Vulnerability risk: Low
CVSSv3.1: 6.4 [CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-88
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
bundler
Universal components / Libraries /
Software for developers
Vendor: Bundler
Description
The vulnerability allows a local user to execute arbitrary code on the target system.
The vulnerability occurs when working with untrusted and apparently harmless `Gemfile`'s. A local user can trick the victim into opening a specially crafted directory containing a `Gemfile` file that declares a dependency that is located in a Git repository and execute arbitrary code on the target system.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
bundler: 0.3.0 - 2.2.32
External links
http://github.com/rubygems/rubygems/commit/a4f2f8ac17e6ce81c689527a8b6f14381060d95f
http://github.com/rubygems/rubygems/security/advisories/GHSA-fj7f-vq84-fh43
http://github.com/rubygems/rubygems/pull/5142
http://github.com/rubygems/rubygems/commit/0fad1ccfe9dd7a3c5b82c1496df3c2b4842870d3
http://www.sonarsource.com/blog/securing-developer-tools-package-managers/
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.